VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-tm7v-m1d3-tuap

Essentials
Severities (36)
References (32)
Severity details (17)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-tm7v-m1d3-tuap
Aliases	CVE-2024-27808
Summary	The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.
Status	Published
Exploitability	0.5
Weighted Severity	7.9
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27808.json
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-27808
cvssv3.1	7.5	http://seclists.org/fulldisclosure/2024/Jun/5
ssvc	Track	http://seclists.org/fulldisclosure/2024/Jun/5
cvssv3.1	8.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2024-27808
cvssv3.1	7.5	https://support.apple.com/en-us/HT214101
ssvc	Track	https://support.apple.com/en-us/HT214101
cvssv3.1	7.5	https://support.apple.com/en-us/HT214102
ssvc	Track	https://support.apple.com/en-us/HT214102
cvssv3.1	7.5	https://support.apple.com/en-us/HT214103
ssvc	Track	https://support.apple.com/en-us/HT214103
cvssv3.1	7.5	https://support.apple.com/en-us/HT214104
ssvc	Track	https://support.apple.com/en-us/HT214104
cvssv3.1	7.5	https://support.apple.com/en-us/HT214106
ssvc	Track	https://support.apple.com/en-us/HT214106
cvssv3.1	7.5	https://support.apple.com/en-us/HT214108
ssvc	Track	https://support.apple.com/en-us/HT214108

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27808.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-27808
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27808
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27820
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27833
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27834
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2314697		https://bugzilla.redhat.com/show_bug.cgi?id=2314697
5		http://seclists.org/fulldisclosure/2024/Jun/5
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2024-27808		https://nvd.nist.gov/vuln/detail/CVE-2024-27808
HT214101		https://support.apple.com/en-us/HT214101
HT214102		https://support.apple.com/en-us/HT214102
HT214103		https://support.apple.com/en-us/HT214103
HT214104		https://support.apple.com/en-us/HT214104
HT214106		https://support.apple.com/en-us/HT214106
HT214108		https://support.apple.com/en-us/HT214108
RHSA-2023:4201		https://access.redhat.com/errata/RHSA-2023:4201
RHSA-2023:4202		https://access.redhat.com/errata/RHSA-2023:4202
RHSA-2024:8496		https://access.redhat.com/errata/RHSA-2024:8496
RHSA-2024:9638		https://access.redhat.com/errata/RHSA-2024:9638
RHSA-2024:9646		https://access.redhat.com/errata/RHSA-2024:9646
RHSA-2024:9653		https://access.redhat.com/errata/RHSA-2024:9653
RHSA-2024:9679		https://access.redhat.com/errata/RHSA-2024:9679
RHSA-2024:9680		https://access.redhat.com/errata/RHSA-2024:9680
RHSA-2025:10364		https://access.redhat.com/errata/RHSA-2025:10364

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27808.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2024/Jun/5

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:58:44Z/ Found at http://seclists.org/fulldisclosure/2024/Jun/5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-27808

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT214101

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:58:44Z/ Found at https://support.apple.com/en-us/HT214101

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT214102

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:58:44Z/ Found at https://support.apple.com/en-us/HT214102

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT214103

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:58:44Z/ Found at https://support.apple.com/en-us/HT214103

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT214104

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:58:44Z/ Found at https://support.apple.com/en-us/HT214104

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT214106

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:58:44Z/ Found at https://support.apple.com/en-us/HT214106

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT214108

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T13:58:44Z/ Found at https://support.apple.com/en-us/HT214108

Exploit Prediction Scoring System (EPSS)

Percentile	0.40818
EPSS Score	0.00186
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:09:57.563914+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2024/27xxx/CVE-2024-27808.json	37.0.0